path: root/connector
Diffstat (limited to 'connector')
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java2
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java33
2 files changed, 3 insertions, 32 deletions
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java
index 633559de..aa45c836 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/MonitoringController.java
@@ -48,8 +48,8 @@ import at.gv.egiz.eaaf.core.api.data.EaafConstants;
import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.http.IHttpClientFactory;
import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
-import at.gv.egiz.eaaf.core.impl.utils.IHttpClientFactory;
import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration;
import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataConfigurationFactory;
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java
index 43f1740f..651b7b78 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/PvpMetadataProvider.java
@@ -25,10 +25,8 @@ package at.asitplus.eidas.specific.connector.provider;
import java.io.IOException;
import java.security.KeyStore;
-import java.security.KeyStoreException;
import java.security.Provider;
import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Collections;
@@ -38,7 +36,6 @@ import org.apache.commons.lang3.StringUtils;
import org.opensaml.saml.metadata.resolver.MetadataResolver;
import org.opensaml.saml.metadata.resolver.filter.MetadataFilter;
import org.opensaml.saml.metadata.resolver.filter.MetadataFilterChain;
-import org.opensaml.security.x509.BasicX509Credential;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@@ -50,11 +47,10 @@ import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
import at.gv.egiz.eaaf.core.exceptions.EaafException;
import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
-import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils;
import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration;
import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
import at.gv.egiz.eaaf.core.impl.data.Pair;
-import at.gv.egiz.eaaf.core.impl.utils.IHttpClientFactory;
+import at.gv.egiz.eaaf.core.impl.http.IHttpClientFactory;
import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.AbstractChainingMetadataProvider;
import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.PvpMetadataResolverFactory;
@@ -131,7 +127,7 @@ public class PvpMetadataProvider extends AbstractChainingMetadataProvider {
final List<MetadataFilter> filterList = new ArrayList<>();
filterList.add(new SchemaValidationFilter(true));
filterList.add(new SimpleMetadataSignatureVerificationFilter(
- getTrustedCertificates(keyStore.getFirst()), entityId));
+ keyStore.getFirst(), entityId));
filterList.add(new PvpEntityCategoryFilter(
basicConfig.getBasicConfigurationBoolean(MsEidasNodeConstants.PROP_CONFIG_PVP_ENABLE_ENTITYCATEGORIES,
true)));
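Review bot: Nothing visible at `keyStore.getFirst(), entityId));` rejects an empty trust store any more, now that the raw KeyStore goes straight to SimpleMetadataSignatureVerificationFilter. The getTrustedCertificates helper deleted in the last hunk threw EaafConfigurationException `module.eidasauth.02` when the store held no certificates and mapped KeyStoreException to `module.eidasauth.01`. The filter's KeyStore-taking constructor is not shown here, so please confirm it fails closed at configuration time when there are no trust anchors and that it only treats certificate entries as trusted signers. If it does, record that above the call, for example `// filter rejects a trust store without metadata-signing certificates (fail closed)`; if it does not, keep an explicit emptiness check before building the filter list. The enclosing method starts and ends outside this hunk.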
@@ -177,29 +173,4 @@ public class PvpMetadataProvider extends AbstractChainingMetadataProvider {
return "Service-provider chainging metadata provider";
}
-
- private List<BasicX509Credential> getTrustedCertificates(KeyStore trustStore) throws EaafConfigurationException {
- try {
- final List<X509Certificate> certs =
- EaafKeyStoreUtils.readCertsFromKeyStore(trustStore);
- if (certs.isEmpty()) {
- log.warn("No trusted metadata-signing certificates in configuration");
- throw new EaafConfigurationException("module.eidasauth.02",
- new Object[] { "No trusted metadata-signing certificates" });
-
- }
-
- final List<BasicX509Credential> result = new ArrayList<>();
- for (final X509Certificate cert : certs) {
- result.add(new BasicX509Credential(cert));
-
- }
- return result;
-
- } catch (final KeyStoreException e) {
- throw new EaafConfigurationException("module.eidasauth.01",
- new Object[] { "Trusted metadata-signing certificates", e.getMessage() }, e);
-
- }
- }
}